Froehling Anderson Blog

Five Questions to Help Leaders Assess Cybersecurity Risk

Written by Froehling Anderson | May 11, 2021 8:45:00 PM

How do you know if your organization is at risk of a cyber-attack? There are five questions your leadership team should ask and answer before your company is the victim of a data breach.

Another day, another data breach. We have already seen several major data breaches during the first month of 2021 alone. For example, a database maintained by an online photo editing app containing 1.9 million user records was hacked on January 20, while order information for 7 million customers of a men’s clothing retailer was hacked on January 22 and posted on a hacker forum where anyone could obtain it.

The Cost of a Data Breach

A study conducted by IBM last year, The 2020 Cost of a Data Breach Report, put a price tag on data breaches. According to the study, the average cost of a data breach is $3.86 million. And 80 percent of data breaches resulted in the exposure of customers’ personally identifiable information, which is the most expensive type of breach to remedy.

Stolen or compromised employee credentials and cloud misconfigurations are two of the most common causes of data breaches, with 40 percent of breaches caused by these incidents. Misconfigured cloud networks increased data breach costs by half a million dollars, according to the study.

Cybersecurity Starts with Engagement at the Top

Statistics like these make it clear that cybersecurity should be an important part of every organization’s operating plan. Ensuring a well-protected network starts with a top-down approach – having informed and involved leadership.

Here are five key cybersecurity questions that leaders cannot afford to ignore.

Question 1: Is your executive leadership informed about cyber risks that threaten the company?

Cybersecurity is about proactively managing risk. A breach can have dire consequences, which makes managing cybersecurity risk a critical part of an organization’s governance, risk management and business continuity plan. Early response actions can limit or even prevent possible damage. Timely incident reporting to leadership should be built into the strategic framework for managing the enterprise. The CEO, CIO, business leaders, continuity planners, system operators, general counsel and public affairs should be part of the chain of communications.

Question 2: What is your exposure to cyber risk, the potential impact of a breach and your plan for addressing both?

Identifying your critical assets and the potential impacts of cyber threats on them is critical to understanding your specific risk exposure, whether it’s financial, competitive, reputational or regulatory. Risk assessment results are key to identifying and prioritizing specific protective measures. This includes allocating resources, appraising long-term investments and developing policies and strategies to manage cyber risks at an acceptable level.

Question 3: Does your cybersecurity program apply industry standards and best practices?

A comprehensive cybersecurity program leverages industry standards and best practices to protect systems, detect potential problems and enable timely response and recovery. Compliance requirements help identify and establish a good cybersecurity baseline and address known vulnerabilities. But they don’t always address new and dynamic threats and sophisticated attacks. Using a risk-based approach to apply cybersecurity standards and practices allows for more comprehensive and cost-effective management of cyber risks than relying on compliance actions alone.

Question 4: How many cyber incidents are normal for you? At what point should executive leadership be informed?

Leadership engagement in defining the risk strategy and levels of acceptable cyber risk ensures close alignment with the business needs of the organization. Regular communication between leaders and those held accountable for managing cyber risk provides awareness of current threats, security gaps and associated business impact. Compiling risk data from various sources and taking part in threat information sharing with partners helps organizations identify and respond to incidents quickly.

A good way to establish updated security protocols is to have an assessment conducted of your network. This can show you where you stand and provide insights for a solid plan of action.

Question 5: How comprehensive is your cyber incident response plan? How often is it tested?

Even a well-defended organization will likely experience a cyber incident at some point. When network defenses are penetrated, the leadership group should be prepared with a response plan. Documented cyber incident response plans that are exercised regularly help enable timely response and minimize impacts.
Devise a Cybersecurity Plan Now

When it comes to cybercrime and data breaches there’s a saying: “it’s not a question of if, but when”. Now is the time to devise a plan for how your organization will deal with a data breach when one occurs.

Plan now to meet with and engage your key leaders to discuss these and other critical cybersecurity questions. If you don’t have adequate answers to them now, commit to doing whatever it takes to get answers before your organization is the victim of a data breach.